CVE-2017-9473

Опубликовано: 07 июн. 2017

Источник: nvd

CVSS3: 5.5

CVSS2: 4.3

EPSS Низкий

Описание

In ytnef 1.9.2, the TNEFFillMapi function in lib/ytnef.c allows remote attackers to cause a denial of service (memory consumption) via a crafted file.

Ссылки

https://blogs.gentoo.org/ago/2017/05/24/ytnef-memory-allocation-failure-in-tneffillmapi-ytnef-c/
Exploit
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFJWMUEUC4ILH2HEOCYVVLQT654ZMCGQ/
https://usn.ubuntu.com/3667-1/
Third Party Advisory
https://blogs.gentoo.org/ago/2017/05/24/ytnef-memory-allocation-failure-in-tneffillmapi-ytnef-c/
Exploit
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFJWMUEUC4ILH2HEOCYVVLQT654ZMCGQ/
https://usn.ubuntu.com/3667-1/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ytnef_project:ytnef:1.9.2:*:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

EPSS

Процентиль: 49%

0.00262

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2017-9473

CVSS3: 5.5

ubuntu

больше 8 лет назад

In ytnef 1.9.2, the TNEFFillMapi function in lib/ytnef.c allows remote attackers to cause a denial of service (memory consumption) via a crafted file.

CVE-2017-9473

CVSS3: 5.5

debian

больше 8 лет назад

In ytnef 1.9.2, the TNEFFillMapi function in lib/ytnef.c allows remote ...

GHSA-f94h-w96q-8548

CVSS3: 5.5

github

больше 3 лет назад

In ytnef 1.9.2, the TNEFFillMapi function in lib/ytnef.c allows remote attackers to cause a denial of service (memory consumption) via a crafted file.

EPSS

Процентиль: 49%

0.00262

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

NVD-CWE-noinfo